The world runs on open source software. Started as an ideological and cultural movement to spur innovation, today almost every company that develops software relies on some open source components as part of their product.
Think about that for a minute. Almost every application we rely on is built in part on blocks of code that come from that come from altruistically-motivated contributors — generally, no one profits directly from their creation, and there’s not always an incentive to maintain the software once created. While open source has created so much value, it also presents challenges. With more than 4,800 OSS vulnerabilities reported in 2017 alone and no single party on the hook to keep open source code secure, huge security breaches like the one that led to Equifax losing data for nearly 150 million people could continue to occur.
Early on, we backed Black Duck Software which became a leader in scanning code for open source components specifically for security and licensing needs. But Black Duck stopped short of actual software maintenance and support.
There have been companies started to solve this problem for the largest open source projects, like Red Hat for Linux or Cloudera for Hadoop. But many critical open source components live in the netherworld. What if you could create a marketplace that incentivized open source creators to provide continuous, commercial-grade support for their work? And then connected them to the companies and potential customers that are relying on that code? Something akin to a “Red Hat for everything else.”
This is exactly what co-founders Donald Fischer, Havoc Pennington, Jeremy Katz, and Luis Villa had in mind when they set off to build Tidelift, a new GC-backed company. The Tidelift team innately understands both the tremendous benefit and the pain points of incorporating open source code into apps and services. They — and we — believe there is an enormous market with pent-up, unmet demand today to eliminate those pain points for companies and to maximize the upside for authors by professionalizing the entire ecosystem.
Open source as the foundation for software development is here to stay. Most any company created in the last decade relies on it and professionalizing its use makes smart business sense. In the case of protecting consumers and their data, it is unequivocally the right thing to do. The Tidelift approach brings the model of many new successful companies, like AirBnB or Amazon’s marketplace to the open source software development world.
We’re excited to back Tidelift on this initiative and look forward to supporting them as they build what could be the most significant new platform in software development in some time.
Larry Bohn & Team GC